Improper Authorization in Samsung Health Affects User Data Access
CVE-2026-21056

4.8MEDIUM

Key Information:

Vendor

Samsung

Vendor
CVE Published:
10 July 2026

What is CVE-2026-21056?

A vulnerability in Samsung Health prior to version 7.00.0.107 is caused by improper authorization mechanisms. This flaw allows local attackers to gain unauthorized access to sensitive information related to connected devices. By exploiting this vulnerability, attackers can potentially retrieve and misuse user data, emphasizing the importance of timely software updates to safeguard personal information.

Affected Version(s)

Samsung Health 7.00.0.107

References

CVSS V4

Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.